New Android ransomware targets smart TVs

This site may earn affiliate commissions from the links on this page. Terms of use.

It seems like you can’t go more than a few days lately without hearing about another ransomware attack. Sometimes it’s just regular folks getting hit by the scammers, but it can also be hospitals, universities, and businesses. Now, a new version of the Frantic Locker (or FLocker) Android ransomware has started popping up that goes after more than your phone or tablet. The new FLocker can lock down your TV until you pay up. And no, it doesn’t care that Game of Thrones is on.

FLocker has existed for a while now — it’s actually very well-maintained by ransomware standards. The developer is constantly updating the package and adding support for new Android system changes. In a new version of the malware, the owners added support for Android-powered smart TVs.

Weirdly, FLocker won’t work on Android devices that are in Kazakhstan, Azerbaijan, Bulgaria, Georgia, Hungary, Ukraine, Russia, Armenia, or Belarus. The first thing it does when reaching a new system (you have to install it somehow) is check its location. If it’s not in one of those countries, it attempts to install a command and control system on the smartphone or TV. Android has more security measures than your average Windows PC, believe it or not. In order to take control of your system, it needs administrator access. This is where the Android ransomware diverges from PC ransomware.

You can’t just encrypt important system data on an Android device without root access, which most devices don’t have. Thus, FLocker tries to get the user to grant administrator access, which allows it to control the screen and prevents it from being uninstalled. It starts by asking nicely, then gets serious with a fake system update warning. When it has admin, FLocker locks the screen to a fake law enforcement notice. As a fine for some unclear criminal activity, the owner of the TV or phone is asked to pay $200. Is the strangest twist yet, this fine must be paid via iTunes gift cards.

Because we’re not dealing with an encrypted volume, it is possible to fix the FLocker ransomware yourself. You’ll need a computer with the Android developer tools running. Using an ADB command, you can kill the malware process that’s locking the screen, then go into the settings and revoke its administrator access. That’s not an overly technical process, but you need to already have ADB debugging enabled on your device. If that’s not possible, you’ll have to factory reset. That may or may not even be an option on your TV, so Trend Micro suggest contacting the manufacturer.

Tagged In

People don’t check what they install… what do they expect? There’s a big reason even on my phone I don’t run a ton of apps. I look at every permission and does it make sense for this app… Also, where did I get the app…

Cestarian

Why on earth TVs?

KIMS

because if you have one, you likely want to use it?

Kojen Ku

Technology cannot stop idiots from doing stupid things.

Serendipity

what’s next. cinema?

Rawr

Before long it’ll be in your fridge, watch, thermostat, microwave, dishwasher, and toilet. If you don’t pay up, it’ll throw fecal matter back up your butt.

Kyle

More like the seat won’t lift, and you’ll be required to pay $20, and fast.

Thedon82z1

LMAO!!!

jack324

I’m waiting for some former black ops agent to somehow get this shit on there TV/phone. Somebody who’s connected enough to find the bastard that programed the virus and psychotic enough to beat the poor fool to death and leave a note on his corpse why they did it. Probably wouldn’t dissuade other programmers from doing the same, but it would make for a nice news piece.

deathspal

It only requires administrator rights to encrypt files because it is either trying to encrypt files it would otherwise not have access to (So non user files) or it is using part of the OSs encryption support. I’m sure it will only be a matter of time where they only target user controlled files and uses a completely built in to the malware encryption method….

Kyle

Android has always been a relatively vulnerable OS. I lock down permissions even on apps I know to be safe if I feel they don’t actually *need* the permission in order to function.

Ransomware the latest disgusting family member of malware. But Tv!! I just want to avoid the smart TV

Chris Daly

“YOU CANNOT HAVE YOUR TV BACK UNTIL YOU PAY US.”

Firmware reset.

Problem solved.

If it’s Android, I’m pretty sure there’s a button combination that will allow you to factory-reset it.

Mandark

Welcome to the Wild West that is Android

This site may earn affiliate commissions from the links on this page. Terms of use.

ExtremeTech Newsletter

Subscribe Today to get the latest ExtremeTech news delivered right to your inbox.

Email

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our
Terms of Use and
Privacy Policy. You may unsubscribe from the newsletter at any time.